package com.security.test.config;

import com.security.test.filter.JwtTokenFilter;
import com.security.test.filter.JwtTokenFilter2;
import com.security.test.filter.MyLoginFilter;
import com.security.test.handle.*;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.context.SecurityContextHolderFilter;

/**
 * @author songmin.hou
 */
@Configuration
@EnableGlobalMethodSecurity(securedEnabled = true)
@EnableWebSecurity
public class SecurityConfig {

    @Autowired
    private MyUserDetailService myUserDetailService;

    @Autowired
    private MyDeniedHandler myDeniedHandler;

    @Autowired
    private MyEntryPointHandle myEntryPointHandle;

    @Autowired
    private MyAuthenticationProvider myAuthenticationProvider;

    @Autowired
    private JwtTokenFilter2 jwtAuthenticationTokenFilter;

    @Autowired
    private MySuccessHandler mySuccessHandler;

    @Autowired
    private MyFailurelHandler myFailurelHandler;

    @Bean
    public SecurityFilterChain mySecurityFilterChain(HttpSecurity http, AuthenticationConfiguration authenticationConfiguration) throws Exception {
        http.userDetailsService(myUserDetailService).sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                .and()
                .authorizeRequests()
//                .antMatchers("/user/login").permitAll()
                .anyRequest().authenticated()
                .and().exceptionHandling()
                .accessDeniedHandler(myDeniedHandler)
                .authenticationEntryPoint(myEntryPointHandle)
                .and()
//                .addFilterAfter(new JWTLoginFilter(), UsernamePasswordAuthenticationFilter.class)
                .authenticationProvider(myAuthenticationProvider)
//                .addFilterAfter(jwtAuthenticationTokenFilter, SecurityContextHolderFilter.class)
                .addFilterAfter(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class)
                .formLogin().disable()
//                .and()
                .apply(new MyUsernamePasswordLoginConfig<>())
//                .successHandler(new MySuccessHandler())
                .loginSuccessHandler(mySuccessHandler)
                .loginFailHandler(myFailurelHandler)
                .loginProcessingUrl("/user/login")
                .and().logout()
                .logoutUrl("/user/logout")
                .logoutSuccessHandler(new MyLogoutHandler())
                .and().cors().disable().csrf().disable();
        return http.build();
    }


}
